Infrastructure Engineer-Devops

HCLTech is a global technology company, spread across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. We re powered by our people a global, diverse, multi-generational talent - representing 161 nationalities whose unique spark, perspective and boundless passion drive our culture of proactive value creation and problem-solving.

Our purpose is to bring together the best of technology and our people to supercharge progress for everyone, everywhere our clients, partners, their stakeholders, communities, and the planet. As a company, we are deeply focused on accelerating our ESG agenda. We are also creating technology-enabled sustainable solutions with and for our clients and partners. We embed ESG imperatives into every aspect of our business and ensure that the progress we supercharge is responsible, inclusive and beneficial to all our stakeholders in the long term. We have committed to achieving net zero by 2040.

To learn more about how we can supercharge progress for you, visit www.hcltech.com

Job Title- Infrastructure Engineer

Location- Edinburgh, Leeds, Halifax, Manchester or Bristol

Hybrid mode- 2 days week (Work from client location)

Infrastructure Engineer role focused on secure web access and SASE engineering. The role is responsible for the end-to-end design, build, deployment, and lifecycle management of technologies that enable secure web access for both users and machine-based traffic. This includes SASE platforms, secure enterprise browser solutions, and controls governing human and machine to machine access.

The role requires strong hands‑on engineering capability and experience with automation and code‑driven delivery.

Role Overview

The role is responsible for the engineering, configuration, deployment, and lifecycle management of technologies enabling secure colleague and machine web access. This includes involvement across SASE components, secure enterprise browsing solutions, and controls supporting both human and machine‑to‑machine traffic. As the organisation moves from ClickOps to DevOps, the role requires strong hands‑on engineering capability and experience with automation and code‑driven delivery.

Key Responsibilities

Technical Delivery & Engineering Excellence

• Contribute hands‑on DevOps engineering expertise using Infrastructure as Code, Policy as Code, CI/CD, API‑driven automation, automated testing, and observability.
• Build, enhance, and maintain web access protection infrastructure, including proxy services, protected corporate browsers, and web/API traffic controls.
• Evolve infrastructure and security patterns for internet connectivity, B2B integrations, and browser/policy control.
• Support product and platform teams with technical input across design, architecture, and roadmap evolution.
• Conduct root cause analysis and support incident remediation in collaboration with security and platform teams.

Operational Delivery

• Implement policy‑as‑code and configuration‑as‑code approaches to remove reliance on manual portal‑based administration.
• Support the monitoring, stability, and continual improvement of SASE services, secure enterprise browser technologies, and machine‑traffic infrastructure.
• Support incident, change, and problem management activities for web access protection services.
• Ensure services meet resilience, documentation, compliance, and audit requirements.
• Collaborate with internal teams and external vendors to ensure high‑quality service delivery.

Risk, Security & Compliance

• Implement and maintain security and access policies for web traffic aligned to enterprise risk frameworks.
• Integrate with SIEM and analytics platforms to support threat detection and response.
• Balance security controls with usability, particularly in the browser and colleague web‑access journey.
• Participate in security reviews, risk assessments, and updates to relevant policies.

Required Experience

• Strong hands‑on modern engineering experience, including CI/CD tooling (e.g., GitHub), Terraform, Python, infrastructure/policy/config‑as‑code.
• Experience working with SASE platforms (e.g., Zscaler, Palo Alto, Blue Coat, McAfee Web Gateway/SkyHigh) and secure enterprise browsers (e.g., Chrome Enterprise, Island, Talon, Edge for Business).
• Knowledge of security controls, DLP, browser isolation, and SASE patterns.
• Experience contributing to incident resolution and change processes.
• Strong communication and collaboration skills to work across technical and product teams.

Desirable Experience

• Experience in regulated environments.
• Relevant security certifications (e.g., CISSP, CCSP).